The cyber threat landscape continues to create immense challenges for organizations across the globe. While there was once a time where the risk tied to information security didn’t impact the internal audit function, that’s no longer the case.
Now, cybersecurity is a top concern for internal audit leaders, as more than 70 percent of survey respondents in the recent 2019 Internal Audit Priorities Report indicated that cybersecurity is the audit committee’s top concern…and rightly so.
With the immense damage a cyber indecent can cause for an organization, it’s important for these issues to be top of mind. Needless to say, audit leaders today would be wise to focus on the assurance functions related to cybersecurity, says Todd Shaffer, senior vice president and chief risk officer at Johnson Financial Group.
“You want internal audit leaders spending their resources on the appropriate risks within the company,” Shaffer told Internal Audit Insights during a recent video interview. “And protecting client data and associate data is of paramount importance.”
In part four of this four-part series on internal audit priorities in 2019, Internal Audit Insights caught up with Shaffer who discussed how internal audit leaders are approaching cybersecurity issues today.